Cloudflare security breach exposes data from Uber, Fitbit, OKCupid among 3,400 websites; password changes recommended

User data from 3,400 websites has been leaked and cached by search engines as a result of a bug in Cloudflare, a content delivery network. Sites affected over the course of several months include major ones like Uber, Fitbit and dating site OKCupid. 1Password also uses Cloudflare, but says that end-to-end encryption means that no customer data was exposed.

ArsTechnica reports that the leaks were spotted by Google security researcher Tavis Ormandy.

We observed encryption keys, cookies, passwords, chunks of POST data and even HTTPS requests for other major cloudflare-hosted sites from other users. Once we understood what we were seeing and the implications, we immediately stopped and contacted cloudflare security.

Cloudflare has admitted that the breach occurred, but Ormandy and other security researchers believe the company is underplaying the severity of the incident …

more…

ZTE’s ZMax Pro has a 6-inch screen, 3,400 mAh battery, fingerprint sensor, 32GB, more for just $99

With the proliferation of cheap smartphones with decent specs from less-known OEMs, it is increasingly hard to stand out among the crowd. ZTE’s latest attempt to do so is the 6-inch ZMax Pro for MetroPCS. With such features as a USB-C port, fingerprint sensor, and 3,400 mAh battery, its price point is remarkably impressive…

more…

Filed under: Google Corporate